Forescout CounterACT 6.3.4.1 - Open Redirect

Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the 'a' parameter. id: CVE-2012-4982 info: name: Forescout CounterACT 6.3.4.1 - Open Redirect...

EUVD-2012-1835

Malware in sbrugna...

EUVD-2016-10292

Malware in sbrugna...

EUVD-2012-4909

Malware in sbrugna...

EUVD-2021-14802

Malware in sbrugna...

EUVD-2012-4907

Malware in sbrugna...

CVE-2021-28098

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions...

CVE-2012-1825

Multiple cross-site scripting XSS vulnerabilities in the status program on the ForeScout CounterACT appliance with software 6.3.3.2 through 6.3.4.10 allow remote attackers to inject arbitrary web script or HTML via 1 the loginname parameter in a forgotpass action or 2 the username parameter...

Forescout CounterACT Service Detection

Binary data forescoutcounteractservicedetect.nbin...

Top 5 Infrastructure as Code Security Challenges

Learn how to counteract the top five challenges of IaC and discover how these obstacles pose a threat to security and gain valuable insight in how to mitigate these risks...

CVE-2021-28098

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions...

Privilege escalation

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions...

CVE-2021-28098

Forescout CounterACT

CVE-2021-28098

An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions...

Forescout CounterACT 安全漏洞

Forescout CounterACT is a software application from Forescout USA. Network Access Control Software A security vulnerability exists in Forescout CounterACT versions prior to 8.1.4, which can be exploited by an attacker to point a log file to a privileged location, such as %WINDIR%System32...

CVE-2016-9485

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector...

CVE-2016-9486

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector...

Directory traversal

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector...

CVE-2016-9486

CVE-2016-9486 affects ForeScout CounterACT's Windows SecureConnector agent. The agent downloads and runs scripts/executables from the current user’s TEMP directory while executing a SYSTEM-level batch file, creating insecure permissions and enabling privilege escalation for a local unprivileged u...

CVE-2016-9486 On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint because files are created in a folder with incorrect privileges

On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector...